#!/bin/bash
# + -- --=[GooHak v1.5 by 1N3
# + -- --=[http://crowdshield.com
#
# ABOUT:
# GooHak is a shell script to automatically launch google hacking queries against a target domain to find vulnerabilities and enumerate a target.
#
# DEPENDENCIES:
# iceweasel
# Linux

TARGET="$1"
OKBLUE='\033[94m'
OKRED='\033[91m'
OKGREEN='\033[92m'
OKORANGE='\033[93m'
RESET='\e[0m'

if [ -z $TARGET ]; then
	echo -e "$OKORANGE + -- --=[http://crowdshield.com$RESET"
	echo -e "$OKORANGE + -- --=[GooHak v1.5 by 1N3$RESET"
	echo -e "$OKORANGE + -- --=[Usage: goohak <domain>$RESET"
	exit
fi

iceweasel 2> /dev/null &
sleep 5

# LOAD WEBSITE IN A WEB BROSER
iceweasel http://$TARGET 2> /dev/null
iceweasel https://$TARGET 2> /dev/null
# TCPUTILS
iceweasel http://www.tcpiputils.com/browse/domain/$TARGET 2> /dev/null
# NETCRAFT
iceweasel http://toolbar.netcraft.com/site_report?url=$TARGET 2> /dev/null
# SHOWDAN
iceweasel https://www.shodan.io/search?query=$TARGET 2> /dev/null
# CENSYS
iceweasel https://www.censys.io/ipv4?q=$TARGET 2> /dev/null
# CRT.SH
iceweasel https://crt.sh/?q=%25.$TARGET 2> /dev/null
# ZONE-H
iceweasel "https://www.google.ca/search?q=site:zone-h.org+$TARGET" 2> /dev/null
# XSSPOSED
iceweasel "https://www.xssposed.org/search/?search=$TARGET&type=host" 2> /dev/null
# PUNKSPIDER
iceweasel "https://securityheaders.io/?q=$TARGET" 2> /dev/null
# SSLLABS
iceweasel https://www.ssllabs.com/ssltest/analyze.html?d=$TARGET 2> /dev/null
# HEADER CHECK
iceweasel https://securityheaders.io/?q=$TARGET 2> /dev/null

sleep 30

# FIND LOGIN PAGES:
iceweasel "https://www.google.ca/search?q=site:$TARGET+username+OR+password+OR+login+OR+root+OR+admin" 2> /dev/null
# SEARCH FOR BACKDOORS:
iceweasel "https://www.google.ca/search?q=site:$TARGET+inurl:shell+OR+inurl:backdoor+OR+inurl:wso+OR+inurl:cmd+OR+shadow+OR+passwd+OR+boot.ini+OR+inurl:backdoor" 2> /dev/null
# FIND SETUP OR INSTALL FILES:
iceweasel "https://www.google.ca/search?q=site:$TARGET+inurl:readme+OR+inurl:license+OR+inurl:install+OR+inurl:setup+OR+inurl:config" 2> /dev/null
# FIND WORDPRESS PLUGINS/UPLOADS/DOWNLOADS:
iceweasel "https://www.google.ca/search?q=site:$TARGET+inurl:wp-+OR+inurl:plugin+OR+inurl:upload+OR+inurl:download" 2> /dev/null
# FIND OPEN REDIRECTS:
iceweasel "https://www.google.ca/search?q=site:$TARGET+inurl:redir+OR+inurl:url+OR+inurl:redirect+OR+inurl:return+OR+inurl:src=http+OR+inurl:r=http" 2> /dev/null
# FIND FILES BY EXTENSION:
iceweasel "https://www.google.ca/search?q=site:$TARGET+ext:cgi+OR+ext:php+OR+ext:asp+OR+ext:aspx+OR+ext:jsp+OR+ext:jspx+OR+ext:swf+OR+ext:fla+OR+ext:xml" 2> /dev/null
# FIND DOCUMENTS BY EXTENSION:
iceweasel "https://www.google.ca/search?q=site:$TARGET+ext:doc+OR+ext:docx+OR+ext:csv+OR+ext:pdf+OR+ext:txt+OR+ext:log+OR+ext:bak" 2> /dev/null
# FIND APACHE STRUTS RCE's:
iceweasel "https://www.google.ca/search?q=site:$TARGET+ext:action+OR+struts" 2> /dev/null
# FIND PASTEBIN POSTS FOR DOMAIN:
iceweasel "https://www.google.ca/search?q=site:pastebin.com+$TARGET" 2> /dev/null
# FIND EMPLOYEES ON LINKEDIN:
iceweasel "https://www.google.ca/search?q=site:linkedin.com+employees+$TARGET" 2> /dev/null

